Help us improve our website. Provide feedback to [email protected]

Tap into the collective knowledge of the security community, with best practices and research from industry thought leaders.

Transitioning to the Cloud

Consensus driven guidance…

Start your journey by consulting the roadmap to cloud adoption, the CSA Security Guidance v4 and our Guidelines for Managing Security Service in the Cloud.

Combating governance complexity…

Simplify and clarify governance in an industry thick with complexity. Assess the overall security risk of a cloud provider with a single framework that consolidates industry-accepted security standards, regulations, and controls frameworks.

Confidence through education

Build confidence to support a cloud transition and beyond with focused training and skills certification.

Certificate of Cloud Security Knowledge (CCSK)

Cloud Governance & Compliance

Leveraging Industry Expertise

Enterprises can seek private, vendor-neutral advice from subject matter experts on everything from best practices for developing a cloud strategy to tactical issues such as selecting, evaluating, on-boarding and monitoring cloud service providers.

Increasing Trust & Transparency….

Improve your management, selection and procurement of cloud service providers with increased visibility into the controls being used to keep your data safe.

STAR Program

Streamlining Vendor IT Security & Risk Assessments

Formulating a Cloud Strategy

Tackling the hard questions…

When you join CSA we tackle current and future problems, looking ahead to what could be and
focusing on unresolved solutions to what the industry currently faces. Heading off potential security
issues, while investing in the development of tools and resources for current issues.

What are the base-level
security controls required for
an IoT system?
What are the top threats to
cloud computing?
How will we protect networks
and data in the era of quantum

Supporting Business Initiatives

Keeping a pulse on future technologies & standards

CSA is the single source for enterprises to understand how changes in standards and regulations affect your organization. Keep up with cloud security initiatives and understand how your organization can save money when complying with multiple standards. Participate in CSA’s Open Certification (OCF) working group or join our member-exclusive ISC Council.

Securing current and future partners…

Part of security is giving back; while your organization may be secure, that doesn’t mean the companies you partner with are. The CSA community realizes the value in ensuring that everyone is secure- from suppliers, to third-party services, to business partners. For mature organizations, joining CSA lets you be recognized as a leader by proposing and leading research initiatives.

Building your infrastructure for the future

As you build out your organization’s infrastructure, understand the potential risks of emerging technologies like quantum computing, IoT and Blockchain by contributing to CSA Research. Help the industry understand what all these research initiatives mean from a risk to organizational viewpoint. Our research offers a glimpse into the future of cloud technologies that allows mature cloud organizations to strategize and prepare for potential risks.

Join the Alliance


providers listed in
the STAR Registry


active working
groups and initiatives


research downloads


CloudBytes webinars

Latest News

Cloud Security Alliance Releases New Research Identifying Challenges in Securing Application Containers and Microservices

July 16, 2019


Cloud Security Alliance Releases Cloud Penetration Testing Playbook

July 12, 2019


Cloud Security Alliance Congress EMEA 2019 Call for Papers 
Deadline Extended

July 02, 2019


Cloud Security Alliance Releases Cloud Octagon Model to Facilitate Cloud Computing Risk Assessment

June 24, 2019


See more

Industry Insights

How Traffic Mirroring in the Cloud Works

July 8, 2019


Highlights from the CSA Summit at Cyberweek

July 3, 2019


The State of SDP Survey: A Summary

July 2, 2019


Using The CAIQ-Lite to Assess Third Party Vendors

July 1, 2019


See more

Resources & Education

CSA Knowledge Center

Our e-learning platform is a place to gain training on vendor-neutral & industry-backed research that won’t obliterate your training budget and complements other security certifications on the market.

STAR Registry

STAR verifies cloud providers that are prepared for the cloud. Ensuring trust & transparency in both security and privacy. View organizations who are cloud verified.


To this day industry experts, thought leaders and CSA analysts from around the world have collaborated to create over 200 research reports and artifacts freely available to the security community.

Upcoming CSA Events

Inaugural CSA Distinguished Speaker Series (DSS) 2019 by Timonthy Grance

July 19, 2019, Singapore


CSA Indonesia Summit 2019

July 22, 2019, Jakarta, Indonesia


Black Hat 2019

August 3, 2019 - August 8, 2019, Las Vegas, NV



For Solution Providers

Showcase your expertise and good practices to a global marketplace. Membership allows provides channel to hear about cloud challenges experienced by enterprise users. As competition continues to increase, take an active role in shaping the future of IT by setting the tone for future CSA education and research.


Privacy in the Cloud

GDPR Center of Excellence

This is CSA’s information hub for GDPR compliance in the cloud and emerging technologies. The center of excellence bundles knowledge from cloud experts and acts as a single point of entry for everything GDPR. Access tools, services and best practices to comply with GDPR.